The `policy` Kustomize project defines various cluster-wide security policies. Initially, this includes a Validating Admission Policy that prevents pods from using the host's network namespace.
